Share via


Disabling the Firewall per Interface

This example disables the firewall on a per interface basis using the Windows Firewall with Advanced Security APIs.

'  This VBScript file includes sample code that disables the firewall 
'  on a per interface basis using the Microsoft Windows Firewall APIs.


option explicit


' Profile Type
Const NET_FW_PROFILE2_DOMAIN = 1
Const NET_FW_PROFILE2_PRIVATE = 2
Const NET_FW_PROFILE2_PUBLIC = 4

Dim CurrentProfiles
Dim InterfaceArray
Dim LowerBound
Dim UpperBound
Dim iterate

' Keep firewall ON exept for a specific interface


' Create the FwPolicy2 object.
Dim fwPolicy2

Set fwPolicy2 = CreateObject("HNetCfg.FwPolicy2")

CurrentProfiles = fwPolicy2.CurrentProfileTypes

' The returned 'CurrentProfiles' bitmask can have more than 1 bit set if multiple profiles 
' are active or current at the same time

if ( CurrentProfiles AND NET_FW_PROFILE2_DOMAIN ) then
   if fwPolicy2.FirewallEnabled(NET_FW_PROFILE2_DOMAIN) <> TRUE then
      fwPolicy2.FirewallEnabled(NET_FW_PROFILE2_DOMAIN) = TRUE
   end if

   'Exclude Interfaces such that the firewall is OFF on those interfaces.
   InterfaceArray = Array("Local Area Connection")
   LowerBound = LBound(InterfaceArray)
   UpperBound = UBound(InterfaceArray)
   WScript.Echo("   Excluded interfaces in Domain profile: ")    
   for iterate = LowerBound To UpperBound
      WScript.Echo("    " & InterfaceArray(iterate))
   Next
   fwPolicy2.ExcludedInterfaces(NET_FW_PROFILE2_DOMAIN) = InterfaceArray
end if

if ( CurrentProfiles AND NET_FW_PROFILE2_PRIVATE ) then
   if fwPolicy2.FirewallEnabled(NET_FW_PROFILE2_PRIVATE) <> TRUE then
      fwPolicy2.FirewallEnabled(NET_FW_PROFILE2_PRIVATE) = TRUE
   end if

   'Exclude Interfaces such that the firewall is OFF on those interfaces.
   InterfaceArray = Array("Local Area Connection")
   LowerBound = LBound(InterfaceArray)
   UpperBound = UBound(InterfaceArray)
   WScript.Echo("   Excluded interfaces in Private profile: ")    
   for iterate = LowerBound To UpperBound
      WScript.Echo("    " & InterfaceArray(iterate))
   Next
   fwPolicy2.ExcludedInterfaces(NET_FW_PROFILE2_PRIVATE) = InterfaceArray
end if

if ( CurrentProfiles AND NET_FW_PROFILE2_PUBLIC ) then
   if fwPolicy2.FirewallEnabled(NET_FW_PROFILE2_PUBLIC) <> TRUE then
      fwPolicy2.FirewallEnabled(NET_FW_PROFILE2_PUBLIC) = TRUE
   end if

   'Exclude Interfaces such that the firewall is OFF on those interfaces.
   InterfaceArray = Array("Local Area Connection")
   LowerBound = LBound(InterfaceArray)
   UpperBound = UBound(InterfaceArray)
   WScript.Echo("   Excluded interfaces in Public profile: ")    
   for iterate = LowerBound To UpperBound
      WScript.Echo("    " & InterfaceArray(iterate))
   Next
   fwPolicy2.ExcludedInterfaces(NET_FW_PROFILE2_PUBLIC) = InterfaceArray
end if